Intrusion detection system
System to detect unauthorised attempts to access a system or network
An intrusion detection system is any system designed to detect intrusions, or unauthorised attempts to access, change or in any way manipulate a computer system or network.
Such systems can be network-based (NIDS), sitting at the network edge monitoring all traffic reaching or leaving the network and looking out for irregular activity - a well-known example of a NIDS system is Snort. They can also focus on individual protocols or applications, for example running on a web or application server and monitoring traffic passing through a particular port or protocol, or communications to a particular piece of server software.
Intrusion detection can also run on an individual host, covering the whole system and watching all activity for signs of intrusion, illegal modification or data leakage. Such a system is known as a host-based intrusion detection system, or HIDS.